VARIoT latest news about IoT security

More than half of medical devices found to have critical vulnerabilities Trust: 3.75 Fetched: May 13, 2022, 8:11 a.m., Published: May 13, 2022, midnight	Vulnerabilities: default credentials

Affected products	External IDs

HomeKit vulnerability may cause iOS devices to freeze, crash - Digital India Web Trust: 5.5 Fetched: May 13, 2022, 8:11 a.m., Published: May 13, 2022, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	apple	model:	ipad
vendor:	apple	model:	iphone
vendor:	apple	model:	macos
vendor:	apple	model:	icloud

Linux flaw that allows anyone to hijack Internet traffic also affects 80% of Android devices Trust: 3.75 Fetched: May 13, 2022, 8:11 a.m., Published: Aug. 15, 2016, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

google

model:

android

db:

NVD

ids:

CVE-2016-5696

Log4j2 Vulnerability: How to Mitigate CVE-2021-44228 \| CrowdStrike Related entries in the VARIoT vulnerabilities database: VAR-202112-0566 Trust: 4.75 Fetched: May 13, 2022, 8:11 a.m., Published: Dec. 10, 2021, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:

snort

model:

snort

db:

NVD

ids:

CVE-2021-44228

Over Half of Medical IoT Devices Found Vulnerable to Cyberattacks Trust: 4.0 Fetched: May 13, 2022, 8:11 a.m., Published: May 13, 2022, midnight	Vulnerabilities: default credentials

Affected products	External IDs

Outdated IoT healthcare devices pose major security threats \| CSO Online Trust: 4.75 Fetched: May 13, 2022, 8:11 a.m., Published: May 5, 2022, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

cisco

model:

ip phone

An In-Depth Look at the 23 High-Impact Vulnerabilities Related entries in the VARIoT vulnerabilities database: VAR-202202-0009, VAR-202202-0007, VAR-202202-0108, VAR-202106-0358, VAR-202202-0147, VAR-202202-0037, VAR-202110-0264, VAR-202202-0129, VAR-202202-0102 Trust: 4.25 Fetched: May 13, 2022, 8:11 a.m., Published: May 23, 2022, midnight	Vulnerabilities: code execution, memory corruption, privilege escalation

Affected products

External IDs

vendor:	dell	model:	bios
vendor:	lenovo	model:	system
vendor:	lenovo	model:	bios

db:

NVD

ids:

CVE-2021-33627, CVE-2021-43522, CVE-2021-41839, CVE-2020-5953, CVE-2021-45971, CVE-2021-43323, CVE-2021-45970, CVE-2021-41840, CVE-2021-42060, CVE-2021-42113, CVE-2022-24031, CVE-2021-41837, CVE-2021-41841, CVE-2021-45969, CVE-2022-24030, CVE-2020-27339, CVE-2021-43615, CVE-2021-42554, CVE-2021-33625, CVE-2021-33626, CVE-2022-24069, CVE-2021-42059, CVE-2021-41838

Half of IoT devices in hospitals have a known critical - Inavate Trust: 3.25 Fetched: May 13, 2022, 8:11 a.m., Published: Jan. 31, 2022, midnight	Vulnerabilities: -

Affected products	External IDs

Apple iOS 15.3 and iPadOS 15.3 address a number of security vulnerabilities \| Digit Related entries in the VARIoT vulnerabilities database: VAR-202201-0561, VAR-202201-0554 Trust: 5.5 Fetched: May 13, 2022, 8:11 a.m., Published: May 15, 2022, midnight	Vulnerabilities: denial of service, memory corruption

Affected products

External IDs

vendor:	apple	model:	ipod touch
vendor:	apple	model:	safari
vendor:	apple	model:	webkit
vendor:	apple	model:	ipad
vendor:	apple	model:	icloud
vendor:	apple	model:	iphone
vendor:	apple	model:	ipad air

db:

NVD

ids:

CVE-2022-22587, CVE-2022-22594

Two Dozen UEFI Vulnerabilities Impact Millions of Devices From Major Vendors \| SecurityWeek.Com Trust: 4.75 Fetched: May 13, 2022, 8:11 a.m., Published: May 13, 2022, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:	siemens	model:	ip camera
vendor:	lenovo	model:	system
vendor:	lenovo	model:	edge

Major device vendors face 23 UEFI firmware vulnerabilities Trust: 4.5 Fetched: May 13, 2022, 8:11 a.m., Published: May 23, 2022, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:	dell	model:	bios
vendor:	lenovo	model:	updates
vendor:	lenovo	model:	bios firmware
vendor:	lenovo	model:	system
vendor:	lenovo	model:	bios

SpiderLabs Blog \| Trustwave Trust: 4.0 Fetched: May 13, 2022, 8:11 a.m., Published: May 24, 2022, midnight	Vulnerabilities: denial of service, code execution, information disclosure

Affected products	External IDs

BlueZ Trust: 3.0 Fetched: May 13, 2022, 8:11 a.m., Published: March 19, 2005, 6:18 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

mesh

model:

mesh

Google Patches 48 Vulnerabilities With First Set of 2022 Android Updates - Security & Networking - Scot's Newsletter Forums Trust: 3.0 Fetched: May 13, 2022, 8:11 a.m., Published: May 13, 2048, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	android
vendor:	google	model:	pixel

Dahua Broken Access Control Vulnerability Trust: 3.0 Fetched: May 13, 2022, 8:11 a.m., Published: Jan. 25, 2022, 10:53 a.m.	Vulnerabilities: access control vulnerability

Affected products	External IDs

Apple rolls out iOS 15.2.1 and iPadOS 15.2.1 with bug fixes for operating system vulnerabilities - The Economic Times Trust: 4.0 Fetched: May 13, 2022, 8:11 a.m., Published: Feb. 15, 2001, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	apple	model:	iphone
vendor:	apple	model:	ipad
vendor:	apple	model:	icloud

What is Secure Coding and Why is It important? \| VPNOverview Trust: 3.75 Fetched: May 13, 2022, 8:11 a.m., Published: May 5, 2022, midnight	Vulnerabilities: cross-site scripting

Affected products

External IDs

vendor:

trend

model:

security

November 2021 : FCA Notification - CATALYS™ Precision Laser System : Patch installation due to potential cybersecurity vulnerability concerning the Windows Print Spooler Service. - Medical Device Authority (MDA) Trust: 3.0 Fetched: May 13, 2022, 8:11 a.m., Published: Nov. 13, 2021, midnight	Vulnerabilities: code execution

Affected products	External IDs

Security Advisory for KCodes NetUSB Vulnerabilities \| TP-Link Nederland Related entries in the VARIoT vulnerabilities database: VAR-202112-2341 Trust: 3.75 Fetched: May 13, 2022, 8:10 a.m., Published: May 6, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	tp-link	model:	archer c1200
vendor:	tp-link	model:	archer c7
vendor:	kcodes	model:	netusb

db:

NVD

ids:

CVE-2021-45608

Major Linux PolicyKit Security Vulnerability Uncovered: Pwnkit - Slashdot Trust: 4.75 Fetched: May 13, 2022, 8:10 a.m., Published: May 30, 2022, midnight	Vulnerabilities: memory corruption

Affected products

External IDs

db:

NVD

ids:

CVE-2021-4034

VARIoT news about IoT security